package com.example.springsecurityoauth2demo.controller;

import com.example.springsecurityoauth2demo.model.pojo.User;
import com.example.springsecurityoauth2demo.model.req.ReqUser;
import com.example.springsecurityoauth2demo.service.UserService;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import javax.annotation.Resource;
import java.util.List;

/**
 * @author Liusr
 * @date 2024/3/1
 * @package com.example.springsecurityoauth2demo.controller
 * @Description: User资源服务器 UserController
 */
@RestController
@RequestMapping("/api/user")
public class UserController {

	@Resource
	private UserService userService;

	/**
	 * 得到所有用户列表，所有权限可以访问
	 * @return
	 */
	@PostMapping("/users")
	public List<User> getAllUsers() {
		return userService.getAllUsers();
	}

	/**
	 * 增加用户，只有权限为admin的用户才可以访问
	 */
	@PostMapping("/save")
	public Object save(@RequestBody ReqUser reqUser) {
		return userService.save(reqUser);
	}
}
